OpenBSD email provider

classic Classic list List threaded Threaded
29 messages Options
12
Reply | Threaded
Open this post in threaded view
|

OpenBSD email provider

Jean-Francois Simon
Hello all,

I'm looking for a secure mail provider, i fpossible using OpenBSD, also
wondering if OpenBSD itself provides it for interested people.
If anybody has informations thanks would be interesting to share.

Regards

Jeff

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Janne Johansson-3
2014-03-15 17:54 GMT+01:00 Jean-Francois Simon <[hidden email]>:

> Hello all,



> also wondering if OpenBSD itself provides it for interested people.
>

No.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Michael Cornwell
In reply to this post by Jean-Francois Simon
I haven’t used this provider, but they use OpenBSD.

http://www.neomailbox.net/

Mike

On Mar 15, 2014, at 12:54 PM, Jean-Francois Simon <[hidden email]> wrote:

> Hello all,
>
> I'm looking for a secure mail provider, i fpossible using OpenBSD, also wondering if OpenBSD itself provides it for interested people.
> If anybody has informations thanks would be interesting to share.
>
> Regards
>
> Jeff

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Łukasz Ratajski
On Saturday 15 March 2014 15:56:00 Michael Cornwell wrote:
> I haven’t used this provider, but they use OpenBSD.
>
> http://www.neomailbox.net/
>
> Mike

You might as well check out BSWS. http://www.bsws.de/en Available in English
and German, with a variety of services. Speaking from experience (MX hosting,
DNS), they provide very competent and kind support.

To answer OP's specific question: http://www.bsws.de/en/email/

--
OpenPGP Key 4096R/7F0B40F4

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Jean-Philippe Ouellet
In reply to this post by Jean-Francois Simon
On 3/15/14 12:54 PM, Jean-Francois Simon <[hidden email]> wrote:
> I'm looking for a secure mail provider, i fpossible using OpenBSD,
> also wondering if OpenBSD itself provides it for interested people.
> If anybody has informations thanks would be interesting to share.

https://github.com/mailserv/mailserv comes to mind, although I've
never tried it or read its source.

I think a better question might be what qualities you're actually
looking for in your "mail provider" as your question seems to
indicate a misguided approach towards some notion of "secure email".

As far as I'm concerned, the only difference between 3rd party email
services is reliability. I wouldn't trust any of them anyway.

I see you have a pgp key on the keyservers, but it seems somewhat
neglected since all your sigs have expired and dsa/elgamal (especially
with 1024 bit keys) hasn't been recommended for quite some time. I
think revisiting that would be a more productive use of your time
than abandoning your gmail account.

Although, don't read the above as "pgp solves your problems", you
haven't explained your problems, and pgp has its issues too, some of
which are unavoidable because of problems inherent to email to begin
with.

If what you're after is something more along the lines of "private
communication", I'd say email probably isn't what you're looking
for to begin with. Maybe something more like OTR [1], or pond once
it gets reviewed more.

[1] https://otr.cypherpunks.ca/
[2] https://github.com/agl/pond

If you want absolute privacy, don't use computers.
If you want to get things done, keep your gmail.
If you want to read documentation, become your own "mail provider
using OpenBSD".

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Jean-Francois Simon
Hello

Some answers in your mail. Thanks.

Just to mention, I'm looking for a more private ESP. As I know that
OpenBSD conveys an idea of security, I tend to trust a provider relying
on this OS.

Regards

Le 17/03/2014 02:51, Jean-Philippe Ouellet a écrit :

> On 3/15/14 12:54 PM, Jean-Francois Simon <[hidden email]> wrote:
>> I'm looking for a secure mail provider, i fpossible using OpenBSD,
>> also wondering if OpenBSD itself provides it for interested people.
>> If anybody has informations thanks would be interesting to share.
> https://github.com/mailserv/mailserv comes to mind, although I've
> never tried it or read its source.
>
> I think a better question might be what qualities you're actually
> looking for in your "mail provider" as your question seems to
> indicate a misguided approach towards some notion of "secure email".
I'm also using own server today, essentially, I have'nt check deeply,
but seems gmail does use automated bots who check the mail content for
purpose I don't know about.
> As far as I'm concerned, the only difference between 3rd party email
> services is reliability. I wouldn't trust any of them anyway.
>
> I see you have a pgp key on the keyservers, but it seems somewhat
> neglected since all your sigs have expired and dsa/elgamal (especially
> with 1024 bit keys) hasn't been recommended for quite some time. I
> think revisiting that would be a more productive use of your time
> than abandoning your gmail account.
Indeed, I'm not using the keys anymore. They're not updated.
> Although, don't read the above as "pgp solves your problems", you
> haven't explained your problems, and pgp has its issues too, some of
> which are unavoidable because of problems inherent to email to begin
> with.
>
> If what you're after is something more along the lines of "private
> communication", I'd say email probably isn't what you're looking
> for to begin with. Maybe something more like OTR [1], or pond once
> it gets reviewed more.
Not so much private as "hidden" but as private.
> [1] https://otr.cypherpunks.ca/
> [2] https://github.com/agl/pond
>
> If you want absolute privacy, don't use computers.
> If you want to get things done, keep your gmail.
> If you want to read documentation, become your own "mail provider
> using OpenBSD".
No I don't need absolute privacy about this topic, I mean that needs
encryption etc ...
Yes I want things done, I keep the gmail account, yet I'm interested in
a more private solution where I can be absolutely sure that privacy is
totally respected.
I have tried some time ago third solution, however I think since I have
a local dynamic IP, I got soon identified as spam mail server and mails
would'nt reach their destination.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Daniel Ouellet
>> [1] https://otr.cypherpunks.ca/
>> [2] https://github.com/agl/pond
>>
>> If you want absolute privacy, don't use computers.
>> If you want to get things done, keep your gmail.
>> If you want to read documentation, become your own "mail provider
>> using OpenBSD".
> No I don't need absolute privacy about this topic, I mean that needs
> encryption etc ...
> Yes I want things done, I keep the gmail account, yet I'm interested in
> a more private solution where I can be absolutely sure that privacy is
> totally respected.
> I have tried some time ago third solution, however I think since I have
> a local dynamic IP, I got soon identified as spam mail server and mails
> would'nt reach their destination.

So, you know you still can run your own mail server, encrypted your
email if that's what you want and still relay via your gmail as well.

There is nothing wrong to run your mail server, but instead of relay
from it, you can relay from it to your ISP, or to GMail as well so your
point of "a local dynamic IP, I got soon identified as spam mail server
and mails would'nt reach their destination" wouldn't apply.

If that's what you want, this doesn't stop you from doing exactly what
you say you want to do.

Having you authenticate to GMail to send out or your server authenticate
on your behalf to GMail is not different.

You may want to check it out if that's what you want and you would have
what you say you want.

Best regards,

Daniel

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Zé Loff-2
On 17/03/2014, at 20:21, Daniel Ouellet <[hidden email]> wrote:

>>> [1] https://otr.cypherpunks.ca/
>>> [2] https://github.com/agl/pond
>>>
>>> If you want absolute privacy, don't use computers.
>>> If you want to get things done, keep your gmail.
>>> If you want to read documentation, become your own "mail provider
>>> using OpenBSD".
>> No I don't need absolute privacy about this topic, I mean that needs
>> encryption etc ...
>> Yes I want things done, I keep the gmail account, yet I'm interested in
>> a more private solution where I can be absolutely sure that privacy is
>> totally respected.
>> I have tried some time ago third solution, however I think since I have
>> a local dynamic IP, I got soon identified as spam mail server and mails
>> would'nt reach their destination.
>
> So, you know you still can run your own mail server, encrypted your
> email if that's what you want and still relay via your gmail as well.
>
> There is nothing wrong to run your mail server, but instead of relay
> from it, you can relay from it to your ISP, or to GMail as well so your
> point of "a local dynamic IP, I got soon identified as spam mail server
> and mails would'nt reach their destination" wouldn't apply.
>
> If that's what you want, this doesn't stop you from doing exactly what
> you say you want to do.
>
> Having you authenticate to GMail to send out or your server authenticate
> on your behalf to GMail is not different.
>
> You may want to check it out if that's what you want and you would have
> what you say you want.
>
> Best regards,
>
> Daniel

The last time I checked (and it was a long time ago), GMail rewrote either the sender or the reply-to address with the one you use to authenticate the connection. Again, it might not be true now, but it has happened to me in the past.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Jean-Philippe Ouellet
In reply to this post by Jean-Francois Simon
On 3/17/14 3:25 PM, Jean-Francois Simon wrote:
> Just to mention, I'm looking for a more private ESP. As I know that
> OpenBSD conveys an idea of security, I tend to trust a provider
> relying on this OS.

Not necessarily a safe assumption.

> I'm also using own server today, essentially, I have'nt check deeply,
> but seems gmail does use automated bots who check the mail content for
> purpose I don't know about.

That will continue to happen, whether in your mailbox, or the mailboxes
of the people you are communicating with.

> No I don't need absolute privacy about this topic, I mean that needs
> encryption etc ...
> Yes I want things done, I keep the gmail account, yet I'm interested
> in a more private solution where I can be absolutely sure that
> privacy is totally respected.

I don't see a way to interpret that statement such that it doesn't
contradict itself. Do you want privacy? or not...

Sounds like maybe you want privacy by entrusting all your data
to others that you can't even audit, all without any crypto???
Yeah... good luck with that :P

Also, "absolutely sure privacy is totally respected"???
Let me know when you find a jurisdiction in which you can reasonably
expect that to even be possible to begin with. "Absolute" and "totally"
are pretty strong words, especially in this era of mass-infrastructure-
sabotage and involuntary key disclosure, not to mention the difficulties
of implementing a reasonably secure system to begin with.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Daniel Ouellet
In reply to this post by Zé Loff-2
> The last time I checked (and it was a long time ago), GMail rewrote either the sender or the reply-to address with the one you use to authenticate the connection. Again, it might not be true now, but it has happened to me in the past.

Look to me that you should do some research before asking.

simple google search "gmail relay email"

and second link from the answer.

https://support.google.com/a/answer/2956491?hl=en

Start there and see where you want to go next. But please help yourself.

Hopefully this will help you some.

Best

Daniel

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Daniel Ouellet
I think this give you plenty of example to do what you are asking about:

https://www.google.com/search?q=gmail+relay+email&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=sb


On 3/17/14, 10:02 PM, Daniel Ouellet wrote:

>> The last time I checked (and it was a long time ago), GMail rewrote either the sender or the reply-to address with the one you use to authenticate the connection. Again, it might not be true now, but it has happened to me in the past.
>
> Look to me that you should do some research before asking.
>
> simple google search "gmail relay email"
>
> and second link from the answer.
>
> https://support.google.com/a/answer/2956491?hl=en
>
> Start there and see where you want to go next. But please help yourself.
>
> Hopefully this will help you some.
>
> Best
>
> Daniel

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Jay Patel-7
In reply to this post by Jean-Francois Simon
If you are already using your own email server, use it with OpenBSD it will
be best and if you are looking into GUI for openbsd or simple solution
check out http://gayatri-hitech.com/all-products/mailpigeon/

Thanks,
Jay


On Sat, Mar 15, 2014 at 10:24 PM, Jean-Francois Simon <[hidden email]
> wrote:

> Hello all,
>
> I'm looking for a secure mail provider, i fpossible using OpenBSD, also
> wondering if OpenBSD itself provides it for interested people.
> If anybody has informations thanks would be interesting to share.
>
> Regards
>
> Jeff

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Zé Loff-2
In reply to this post by Daniel Ouellet
On Mon, Mar 17, 2014 at 10:02:00PM -0400, Daniel Ouellet wrote:

> > The last time I checked (and it was a long time ago), GMail rewrote
> > either the sender or the reply-to address with the one you use to
> > authenticate the connection. Again, it might not be true now, but it
> > has happened to me in the past.
>
> Look to me that you should do some research before asking.
>
> simple google search "gmail relay email"
>
> and second link from the answer.
>
> https://support.google.com/a/answer/2956491?hl=en
>
> Start there and see where you want to go next. But please help
> yourself.
>
> Hopefully this will help you some.
>
> Best
>
> Daniel
>

Hi Daniel

Not sure if you were replying to me or to the OP, but I'll just clarify
things for the archives. I just checked, and what I said remains true:

If you compose a mail from [hidden email], and use GMail as a relay, using
some GMail account's credentials ([hidden email]) for SMTP auth, the
recipient will get a message in which the "From:" field has been
rewritten from [hidden email] to [hidden email]. Furthermore, the sent email
will be stored in [hidden email]'s "Sent Mail" folder.

Anyway this whole discussion is pointless. If the OP is looking for "a
more private ESP" using GMail as a relay isn't really an option IMHO.
I just wanted to give a warning about the header rewriting.

Over and out


--

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Stuart Henderson
In reply to this post by Jean-Francois Simon
On 2014-03-17, Jean-Francois Simon <[hidden email]> wrote:
> Just to mention, I'm looking for a more private ESP. As I know that
> OpenBSD conveys an idea of security, I tend to trust a provider relying
> on this OS.

"conveys an idea of security" won't help you if the provider uses bad
mail daemons or configuration or has an accident, all of which are
just as possible with OpenBSD as another OS.

Choice of mail daemon and knowledge/competence in the whole operating
environment would mean more to me than particular choice of OS.
Fastmail seemed above average to me last time I looked but this was
several years ago, I prefer self-hosting.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Kevin Chadwick-2
In reply to this post by Jean-Philippe Ouellet
previously on this list Jean-Philippe Ouellet contributed:

> Also, "absolutely sure privacy is totally respected"???
> Let me know when you find a jurisdiction in which you can reasonably
> expect that to even be possible to begin with.

Yeah, I believe you have to pin STARTTLS for each host manually for it
not to be easily circumvented.

If you just wish to avoid search companies scanning your mail content
for keywords then I expect there are many providers to choose from.

Otherwise forget the server and use gpg and protect your host or look
for an ISP that gives you a static IP. I find I still have some trouble
with higher paying Cisco customers like banks though using dumb
filter methods.

--
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
_______________________________________________________________________

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Craig Skinner-3
In reply to this post by Jean-Francois Simon
On 2014-03-17 Mon 20:25 PM |, Jean-Francois Simon wrote:

>
> Just to mention, I'm looking for a more private ESP. As I know that
> OpenBSD conveys an idea of security, I tend to trust a provider
> relying on this OS.
>
> >If you want to read documentation, become your own "mail provider
> >using OpenBSD".
> I have tried some time ago third solution, however I think since I
> have a local dynamic IP, I got soon identified as spam mail server
> and mails would'nt reach their destination.
>

Find an ISP that will provision a static IP address & do it yourself.
Ask around at your local BSD/Linux user groups. Until then;

Outbound: ask your ISP for their relay host detail. Normally it is
mail.isp.net or smtp.isp.net. Usually there is no authentication
required as they only allow connections from the (dynamic) IP addresses
they provide to their customers.

Inbound: Ask your ISP about an ETRN feed, which used to be popular for
businesses connected by dialup/ISDN. If they charge extra for it, ask
about the cost of a static IP connection & compare.


For off site mail, a search for OpenBSD shell hosting providers came up
with these, some of which are used by people on this list:
http://www.devio.us/help#10
http://www.grex.org/staff/system.xhtml
http://openbsd.polarhome.com/

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

James Shupe-4
In reply to this post by Jean-Francois Simon
On 3/15/2014 11:54 AM, Jean-Francois Simon wrote:

> Hello all,
>
> I'm looking for a secure mail provider, i fpossible using OpenBSD, also
> wondering if OpenBSD itself provides it for interested people.
> If anybody has informations thanks would be interesting to share.
>
> Regards
>
> Jeff
>
Get an inexpensive OpenBSD VPS and do it yourself. You don't have to
muck with your ISP at that point.


--
James Shupe

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Giancarlo Razzolini-3
In reply to this post by Kevin Chadwick-2
Em 18-03-2014 09:44, Kevin Chadwick escreveu:

> previously on this list Jean-Philippe Ouellet contributed:
>
>> Also, "absolutely sure privacy is totally respected"???
>> Let me know when you find a jurisdiction in which you can reasonably
>> expect that to even be possible to begin with.
> Yeah, I believe you have to pin STARTTLS for each host manually for it
> not to be easily circumvented.
>
> If you just wish to avoid search companies scanning your mail content
> for keywords then I expect there are many providers to choose from.
>
> Otherwise forget the server and use gpg and protect your host or look
> for an ISP that gives you a static IP. I find I still have some trouble
> with higher paying Cisco customers like banks though using dumb
> filter methods.
>
A static IP address without a meaningful reverse name mapping such as
mail.myopenbsdhomeserver.com isn't very useful. Most ISP's wont do
reverse mappings or will charge your eyeballs for it. Also, you can host
anything these days using dynamic ip addresses. If your IP address
changes you will stay a few seconds without receiving any mail, and also
may have some mail delayed, but you shouldn't lose anything. And you can
use services for relaying your mail, instead of sending them directly
from your home server. I use amazon ses and it works like a charm. It
has DKIM and most mail servers accepts their mail without any problems.

--
Giancarlo Razzolini
GPG: 4096R/77B981BC

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Jan Stary
In reply to this post by Jean-Francois Simon
> I'm looking for a more private ESP.

Personally, I am also fed up with people
interfering with my earthquake precognitions.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD email provider

Kevin Chadwick-2
In reply to this post by Giancarlo Razzolini-3
On Tue, 18 Mar 2014 11:23:12 -0300
Giancarlo Razzolini wrote:

> A static IP address without a meaningful reverse name mapping such as
> mail.myopenbsdhomeserver.com isn't very useful. Most ISP's wont do
> reverse mappings or will charge your eyeballs for it.

It's perfectly useful, mail is only dropped by some idiotic systems
(already mentioned) that don't understand or care about more effective
anti spam methods or the little guy and when the big guys cause almost
all of the spam.

> Also, you can host
> anything these days using dynamic ip addresses. If your IP address
> changes you will stay a few seconds without receiving any mail, and also
> may have some mail delayed, but you shouldn't lose anything.

Except that if whoever has just been using that ip address is part of a
botnet or likes mass mailing then you may well get blocked as you have
no trackable reputation. There are things like DKIM but they aren't
universally checked yet and serve more as assurance than combating spam.
DKIM should be coupled with spf too.

12